Securing your data in Direct Link
Direct Link does not store any customer data. IBM does not encrypt data transmitted through a direct link. Where available, data sent between customer devices and the direct link can be encrypted using MACsec. For more information, see Planning for the Direct Link Dedicated MACsec feature.
Data about your specific Direct Link configuration is encrypted in transit and at rest. Configuration data is deleted upon your request through API or User Interface.
How your data is stored and encrypted in Direct Link
All interaction with Direct Link from clients is encrypted. For example, when a client uses an API or interacts with the service through a user interface to configure gateways and connections, all such interactions are fully end-to-end encrypted. Likewise, data elements that are related to the clients' configuration are encrypted in transit and at rest. No personal or sensitive data is stored, processed, or transmitted. Data at rest is stored in an encrypted database.
However, the result of using Direct Link is to join customer networks together. After networks are joined, for example from on-premises networks to a VPC, the encryption of data that clients choose to transmit across the network is the client's responsibility.
Protecting your sensitive data in Direct Link
All data related to Direct Link's configuration is not considered as sensitive data. The configuration data is encrypted at rest at the database level. The Direct Link offering does not manage customer-managed keys. Therefore, Key Protect and Hyper Protect Crypto Services are not used.
About customer-managed keys
The Direct Link offering does not manage customer-managed keys. Therefore, Key Protect and Hyper Protect Crypto Services are not used.
Enabling customer-managed keys for Direct Link
The Direct Link offering does not manage customer-managed keys. Therefore, Key Protect and Hyper Protect Crypto Services are not used.
Working with customer-managed keys for Direct Link
The Direct Link offering does not manage customer-managed keys. Therefore, Key Protect and Hyper Protect Crypto Services are not used.
Deleting your data in Direct Link
The Direct Link configuration is deleted on request through the API or user interface.
Deleting Direct Link instances
The Direct Link configuration is deleted on request through the API or user interface.
Restoring deleted data for Direct Link
Direct Link does not support the restoration of deleted data.